[Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 325
  • Last Modified:

network monitoring software??

im not really sure if this type of software exists, but here is my plight.

im the "network administrator" (fresh out of college tech kid), at a medium sized company.

people on my network are going to questionable websites all the time(streaming video + radio), and using software that is not fit for the workplace(limewire + messaging clients). anyway the higher ups want me to be able to monitor and block what users on the network are doing. im assuming i need url blocking, and port blocking, plus a network usage monitor for each client on the network....

my setup is.....

win2003 domain controller ethernet to about 50 stations running xp pro.

what solution is best for me?


thanks in advance
.chris.
0
ccurcio
Asked:
ccurcio
  • 2
  • 2
  • 2
  • +6
7 Solutions
 
sachinwadhwaCommented:
use Proxy

search for Microsoft ISA or WinProxy
0
 
Italia_NYCCommented:
You have a few options.

As previously mentioned, a proxy server and/or Application-based firewall such as MS ISA Server would suffice your needs.

Also Websense (http://www.websense.com) will do the job quite well.

There are a plethora of hardware (and software) devices out there that will monitor web traffic and allow you to block sites at will. Do a little research, and you will find options a plenty.

 
0
 
iedenCommented:
ISA Proxy is a good start.

If your company wants a true IPS and the ability to block users from accessing certain sites and services think http://www.sourcefire.com

Another option is to use a product like LanDesk security suite. There are good rules and policy setting features there.

It depends on how crazy they want to get with money.

0
 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

 
ccurcioAuthor Commented:

all these solutions seem good, but they do alot more than i need.

company wouldnt have any problem spending around $1500 on the software, but all i really need is to block certian websites, and ports over the network.

as far ISA is looking decent though like i said, it does way more than i want
0
 
Italia_NYCCommented:
Do you have any routers or firewalls in your organization?

You can create a few simple access-lists to block ports and websites. And it's free. =)
0
 
masnrockCommented:
Or you could look for something like WinProxy (http://www.winproxy.com) . But yeah, it's a pain in the neck that companies love tying together their products... makes it a little harder for you to put together a best of breed or a "best for me" package.

If you want something more hardware related, but I know couldn't be that cheap (or they wouldn't make money) would be a PacketShaper from Packeteer (http://www.packeteer.com).
0
 
Sebastien47136Commented:
Well I'm a Netware shop myself, but the product we use for blocking which is pretty effective is SurfControl (www.surfcontrol.com). It comes with a predefined database of sites that updates every day and you can add your own if you find that folks are getting around the monitor. It does require that you run your proxy though.

If you aren't doing that then you might want to look at getting Vericept (Vericept.com). Some other schools with more money have gone for that and are very happy with it.

I'd be interesting in finding your network traffic monitor as I'm looking for a good one for cheap as well.

Good luck.

0
 
nepostojeci_emailCommented:
Get a firewall no matter is it hardware or software firewall, it does matter
that you have one, so you can create a policies for the incoming/outgoing
packets. I recommend that you install a software firewall on a gateway
machine (the machine everybody is using to access the internet). You can
find out that doing "ipconfig" in a DOS prompt on any client's machine.
You'll get the result like this:

C:\>ipconfig
Windows IP Configuration
PPP adapter ADAPTERNAME:
        Connection-specific DNS Suffix  . :
        IP Address. . . . . . . . . . . . : 82.208.195.51
        Subnet Mask . . . . . . . . . . . : 255.255.255.255
        Default Gateway . . . . . . . . . : 82.208.195.51

the line "Default Gateway . . . . . . . . . : 82.208.195.51" is the one you need.

Also, you may find useful some network packets analyzers, like:

CommView
http://www.tamos.com/download/main/index.php

EtherDetect
http://www.etherdetect.com/download.htm

which will help you when you have some sort of traffic that you cannot
check/control under firewall, including all TCP/UDP/ICMP/etc. packets.
0
 
masnrockCommented:
Is there a policy in place against inappropriate computer usage already? If not, you may want to look into that. That's the first thing... make sure the rules are in place to leave you open to monitoring and whatnot.

But then with something like your filter or your packet analyzer, you can actually start figuring out WHO is doing it, then trace it back to them.
0
 
iedenCommented:
This is a checklist of 10 ways to monitor what your users are doing with company computers.

http://techrepublic.com.com/5138-1009-6029395.html?tag=nl.e138

Registration is free too.

The document is a pdf and has links to other free resources as well.
0
 
mianniCommented:
If you have an old box lying around why not try downloading "clark connect" software.
It has loads of functions, Firewall based on iptables, squid for proxy, dansguardian as content filter, snortsam for IDS.

They have a free trial version or home version, but for a corporation you should purchase it if you like it as it is very reasonably priced.
Extremely easy to use and configure www.clarkconnect.com.
0
 
mh144831Commented:
I would take a look at PRTG Traffic Grapher.

www.paessler.com

This program comes complete with a packet sniffer which when setup will enable you to see where the main offenders are and what ports to block to stop them doing it.

You could then buy a firewall/application layer or tie down there machines to prevent them doing this.
0

Featured Post

Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

  • 2
  • 2
  • 2
  • +6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now